/**
 * Stores a form state in the PHP session and returns the index it was stored under.
 *
 * @param mixed $strFormState form state to store; passed to gzcompress() when that function exists
 * @param mixed $blnBackButtonFlag back-button flag; appears only in a commented-out guard in this listing
 * @return mixed the state index, run through QCryptography::Encrypt() when QForm::$EncryptionKey is set
 */
public static function Save($strFormState, $blnBackButtonFlag) {
	// Compress (if available)
	if (function_exists('gzcompress')) {
		$strFormState = gzcompress($strFormState, 9);
	}

	// Setup CurrentStateIndex (if none yet exists)
	if (!array_key_exists('qform_current_state_index', $_SESSION)) {
		$_SESSION['qform_current_state_index'] = 0;
	}

	// Increment CurrentStateIndex if BackButtonFlag is true
	// Otherwise, we're in an ajax-to-ajax call, and the back button is invalid anyway
	// No need to increment session state index -- let's not to save space
	// NOTE(review): this listing is collapsed onto one line, so it is not certain whether only the
	// guard below or the whole increment is commented out. It is shown here as an unconditional
	// increment -- confirm against the original file.
	// if ($blnBackButtonFlag)
	$_SESSION['qform_current_state_index'] = $_SESSION['qform_current_state_index'] + 1;
	$intStateIndex = $_SESSION['qform_current_state_index'];

	// Save THIS formstate
	// NOTE: if gzcompress is used, we are saving the *BINARY* data stream of the compressed formstate
	// In theory, this SHOULD work. But if there is a webserver/os/php version that doesn't like
	// binary session streams, you can first base64_encode before saving to session (see note below).
	$_SESSION['qform_' . $intStateIndex] = $strFormState;

	// Return StateIndex
	// The index is a small sequential integer. With no encryption key it goes back to the caller
	// in clear text; it only names an entry in this session's own $_SESSION data.
	if (!is_null(QForm::$EncryptionKey)) {
		// Use QCryptography to Encrypt
		$objCrypto = new QCryptography(QForm::$EncryptionKey, true);
		return $objCrypto->Encrypt($intStateIndex);
	} else {
		return $intStateIndex;
	}
}
/**
 * Stores a form state in $_SESSION['qformstate'] and returns the "<instance>_<index>" token for it.
 *
 * The token posted as Qform__FormState is used to find the form instance the state belongs to.
 * When no known instance is found, a new one is started at index 1.
 *
 * @param mixed $strFormState form state to store; passed to gzcompress() when that function exists
 * @param mixed $blnBackButtonFlag when true, the state gets a new index instead of overwriting the current one
 * @return mixed the token, run through QCryptography::Encrypt() when QForm::$EncryptionKey is set
 */
public static function Save($strFormState, $blnBackButtonFlag) {
	if (function_exists('gzcompress')) {
		$strFormState = gzcompress($strFormState, 9);
	}

	$strInstanceId = null;
	$intIndex = 1;

	if (!empty($_POST['Qform__FormState'])) {
		// The token comes from the client. It is only used as a key into this session's own
		// 'qformstate' array, and it is accepted only if that array already has an index for it.
		$strPosted = $_POST['Qform__FormState'];
		if (QForm::$EncryptionKey !== null) {
			$objDecrypter = new QCryptography(QForm::$EncryptionKey, true);
			$strPosted = $objDecrypter->Decrypt($strPosted);
		}

		$strParts = explode('_', $strPosted);
		$blnKnownInstance = count($strParts) == 2
			&& is_numeric($strParts[1])
			&& !empty($_SESSION['qformstate'][$strParts[0]]['index']);

		if ($blnKnownInstance) {
			$strInstanceId = $strParts[0];
			$intIndex = $_SESSION['qformstate'][$strInstanceId]['index'];

			if ($blnBackButtonFlag) {
				// A back-button step must stay loadable, so it gets its own slot.
				$intIndex++;

				// Drop states that are more than BackButtonMax steps behind the stored index.
				if (count($_SESSION['qformstate'][$strInstanceId]) > self::$BackButtonMax) {
					$intCutoff = $_SESSION['qformstate'][$strInstanceId]['index'] - self::$BackButtonMax;
					foreach (array_keys($_SESSION['qformstate'][$strInstanceId]) as $mixKey) {
						if (is_numeric($mixKey) && $mixKey < $intCutoff) {
							unset($_SESSION['qformstate'][$strInstanceId][$mixKey]);
						}
					}
				}
			}
		}
	}

	if ($strInstanceId === null) {
		// No prior state, or the posted token did not match this session: start a new instance.
		// uniqid() is time-based; it is used here as a label, not as a secret.
		$strInstanceId = uniqid();
		$intIndex = 1;
	}

	if (empty($_SESSION['qformstate'])) {
		$_SESSION['qformstate'] = array();
	}
	if (empty($_SESSION['qformstate'][$strInstanceId])) {
		$_SESSION['qformstate'][$strInstanceId] = array();
	}
	$_SESSION['qformstate'][$strInstanceId]['index'] = $intIndex;
	$_SESSION['qformstate'][$strInstanceId][$intIndex] = $strFormState;

	$strToken = $strInstanceId . '_' . $intIndex;
	if (QForm::$EncryptionKey === null) {
		return $strToken;
	}

	$objEncrypter = new QCryptography(QForm::$EncryptionKey, true);
	return $objEncrypter->Encrypt($strToken);
}
/**
 * Checks that a QCryptography object still decrypts its own output after a
 * serialize()/unserialize() round trip.
 *
 * The serialized data is produced inside the test itself, so unserialize() never sees outside input.
 */
public function testSerialize() {
	$objOriginal = new QCryptography('438ppp87dgf');
	$strPlain = 'Mary had a little lamb, a little beef, a little ham';

	$strCipher = $objOriginal->Encrypt($strPlain);
	// The output must differ from the input.
	$this->assertNotEquals($strPlain, $strCipher);

	$objRestored = unserialize(serialize($objOriginal));
	$this->assertEquals($strPlain, $objRestored->Decrypt($strCipher));
}
/**
 * Turns a form state into the string that is handed back to the caller.
 *
 * With an encryption key the state is encrypted by QCryptography. Without one it is only
 * Base64-encoded, with '+' and '/' swapped for '-' and '_'.
 *
 * NOTE(review): the unkeyed branch is an encoding, not a protection. Whoever receives the value can
 * decode and alter it. If the value goes to the browser and the matching Load() unserializes it
 * (neither is visible here), set QForm::$EncryptionKey or use a server-side handler -- confirm.
 *
 * @param mixed $strFormState form state to encode; passed to gzcompress() when that function exists
 * @return mixed the encrypted or Base64-encoded form state
 */
public static function Save($strFormState) {
	if (function_exists('gzcompress')) {
		$strFormState = gzcompress($strFormState, 9);
	}

	if (!is_null(QForm::$EncryptionKey)) {
		$objCrypto = new QCryptography(QForm::$EncryptionKey, true);
		return $objCrypto->Encrypt($strFormState);
	}

	// No key configured: Base64 with the two characters that are awkward in URLs swapped out.
	return strtr(base64_encode($strFormState), '+/', '-_');
}
// Demo fragment: encrypts and decrypts a sample string twice, first with Base64 off, then with it on.
// $strOriginal for the first run is set earlier in the file, outside this excerpt.

// 'SampleKey' is a literal for the demo. A real key belongs in configuration kept out of the
// source tree.
QCryptography::$Key = 'SampleKey';

// By default, let's leave Base64 encoding turned off
QCryptography::$Base64 = false;

$objCrypto = new QCryptography();
$strEncrypted = $objCrypto->Encrypt($strOriginal);
$strDecrypted = $objCrypto->Decrypt($strEncrypted);

// With Base64 off, $strEncrypted is not encoded for text output and printf() writes it into the
// page unescaped. The inputs here are constants; run anything else through htmlspecialchars().
printf('Original Data: <b>%s</b><br/>', $strOriginal);
printf('Encrypted Data: <b>%s</b><br/>', $strEncrypted);
printf('Decrypted Data: <b>%s</b><br/><br/><br/>', $strDecrypted);
?>
<h3>TripleDES, Electronic Codebook Encryption (with Base64 encoding)</h3>
<?php
// NOTE(review): the heading names TripleDES in ECB mode. ECB encrypts equal plaintext blocks to
// equal ciphertext blocks and adds no integrity check, so this demo shows the API. It is not a
// pattern for protecting structured or sensitive data.
$strOriginal = 'Just keep examining every low bid quoted for zinc etchings.';

// Modify the base64 mode while making the specification on the constructor, itself
// By default, let's instantiate a QCryptography object with Base64 encoding enabled
// Note: while the resulting encrypted data is safe for any text-based stream, including
// use as GET/POST data, inside the URL, etc., the resulting encrypted data stream will
// be 33% larger.
$objCrypto = new QCryptography(null, true);
$strEncrypted = $objCrypto->Encrypt($strOriginal);
$strDecrypted = $objCrypto->Decrypt($strEncrypted);

printf('Original Data: <b>%s</b><br/>', $strOriginal);
printf('Encrypted Data: <b>%s</b><br/>', $strEncrypted);
printf('Decrypted Data: <b>%s</b><br/><br/><br/>', $strDecrypted);
?>
<?php require '../includes/footer.inc.php';
/**
 * Saves the recurring donation, its payment record and its line items, then redirects
 * to /give/recurring.php.
 *
 * In create mode ($this->isEdit false) new RecurringDonation and RecurringPayments objects are
 * made; in edit mode the existing payment record is loaded and overwritten. The order of the
 * Save() calls matters: the payment id is only known after the payment record is saved.
 *
 * NOTE(review): this handler stores cardholder data, so it falls under PCI DSS:
 *  - SecurityCode (txtCcCsc) is stored. PCI DSS does not allow keeping the card verification
 *    code after authorization, encrypted or not.
 *  - AccountNumber is encrypted with a key the application holds (CRYPTO_KEY), so anyone who gets
 *    both the code and the database gets the card numbers. A payment-gateway token or customer
 *    profile would avoid holding the number at all.
 *  - ExpirationDate and State are stored in clear text.
 *  - No validation of the submitted values is visible in this method -- confirm it happens earlier.
 */
public function btnAdd_Click() {
	//Save or create all necessary objects
	// Create RecurringDonation
	if (!$this->isEdit) {
		$this->objRecurringDonation = new RecurringDonation();
		$this->objRecurringDonation->PersonId = QApplication::$PublicLogin->Person->Id;
		$this->objRecurringDonation->ConfirmationEmail = QApplication::$PublicLogin->Person->PrimaryEmail->Address;
	}
	$this->objRecurringDonation->Amount = $this->GetAmount();
	$this->objRecurringDonation->Save();

	//Create RecurringPayment object - and associate with RecurringDonation.
	if (!$this->isEdit) {
		$objRecurringPayment = new RecurringPayments();
	} else {
		// NOTE(review): the result of Load() is used without a check -- confirm it cannot be null here.
		$objRecurringPayment = RecurringPayments::Load($this->objRecurringDonation->RecurringPaymentId);
	}

	// This sets a class-wide static, so any QCryptography object created later in the request
	// without its own key presumably picks up CRYPTO_KEY too -- confirm.
	QCryptography::$Key = CRYPTO_KEY;
	// The second argument (false) appears to turn Base64 off, so the encrypted fields hold raw
	// bytes and their columns must be binary-safe -- confirm.
	$objCrypto = new QCryptography(null, false);
	$objRecurringPayment->Address1 = $objCrypto->Encrypt(trim($this->pnlPayment->txtAddress1->Text));
	$objRecurringPayment->Address2 = $objCrypto->Encrypt(trim($this->pnlPayment->txtAddress2->Text));
	$objRecurringPayment->City = $objCrypto->Encrypt(trim($this->pnlPayment->txtCity->Text));
	$objRecurringPayment->State = trim($this->pnlPayment->lstState->SelectedValue);
	$objRecurringPayment->Zip = $objCrypto->Encrypt(trim($this->pnlPayment->txtZipCode->Text));
	// Month and the year from its third character on, formatted as MMYY and stored unencrypted.
	// The encrypted variant is the commented-out call below.
	$objRecurringPayment->ExpirationDate = sprintf('%02d%02d', $this->pnlPayment->lstCcExpMonth->SelectedValue, substr($this->pnlPayment->lstCcExpYear->SelectedValue, 2));
	//$objCrypto->Encrypt(sprintf('%02d%02d', $this->pnlPayment->lstCcExpMonth->SelectedValue, substr($this->pnlPayment->lstCcExpYear->SelectedValue, 2)));
	// Card verification code, stored encrypted.
	$objRecurringPayment->SecurityCode = $objCrypto->Encrypt($this->pnlPayment->txtCcCsc->Text);
	$objRecurringPayment->CreditCardTypeId = $this->pnlPayment->lstCcType->SelectedValue;
	$objRecurringPayment->CardHolderName = $objCrypto->Encrypt(sprintf('%s %s', $this->pnlPayment->txtFirstName->Text, $this->pnlPayment->txtLastName->Text));
	// Full card number, encrypted with the same key as the fields above.
	$objRecurringPayment->AccountNumber = $objCrypto->Encrypt($this->pnlPayment->txtCcNumber->Text);
	$objRecurringPayment->AuthorizeFlag = $this->chkAgreement->Checked;
	$objRecurringPayment->StartDate = $this->dtxStartDate->DateTime;
	$objRecurringPayment->EndDate = $this->dtxEndDate->DateTime;
	$objRecurringPayment->Amount = $this->GetAmount();
	$objRecurringPayment->PaymentPeriodId = $this->lstPaymentPeriod->SelectedValue;
	$objRecurringPayment->Name = $this->txtPaymentName->Text;
	$intRecurringPaymentId = $objRecurringPayment->Save();

	// A new donation is linked to its payment record once the payment id exists.
	if (!$this->isEdit) {
		$this->objRecurringDonation->RecurringPaymentId = $intRecurringPaymentId;
		$this->objRecurringDonation->Save();
	}

	// Create RecurringDonationItems - And associate with RecurringDonation
	foreach ($this->objDonationItemArray as $objDonationItem) {
		// Items with an empty or zero amount are skipped.
		if ($objDonationItem->Amount) {
			$objOnlineDonationLineItem = clone $objDonationItem;
			$objOnlineDonationLineItem->RecurringDonationId = $this->objRecurringDonation->Id;
			$objOnlineDonationLineItem->DonationFlag = true;
			$objOnlineDonationLineItem->Save();
		}
	}
	QApplication::Redirect('/give/recurring.php');
}
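/**
 * Create a login ticket and store it in the user's cookie so that they
 * can stay logged in across browser sessions.
 *
 * The cookie lasts one year and is valid for the whole site ('/'). It is always set HttpOnly so
 * page scripts cannot read it. It is set Secure when the current request arrived over HTTPS, so
 * behaviour is unchanged for a site served over plain HTTP.
 *
 * NOTE(review): the cookie value is the encrypted string "<ticket id>_<person id>", so its
 * resistance to guessing and tampering rests on QCryptography and its default key, which are not
 * visible here. A long random token stored on the LoginTicket row and compared on the server
 * would not depend on that -- confirm how the ticket is validated when it is read back.
 *
 * @param Person $objPerson the person the ticket is issued for
 * @return void
 */
public static function SetLoginTicketToCookie(Person $objPerson) {
	// Create a new ticket for this user
	$objTicket = new LoginTicket();
	$objTicket->Person = $objPerson;
	$objTicket->Save();

	$objCrypto = new QCryptography();
	$strTicket = $objCrypto->Encrypt($objTicket->Id . '_' . $objPerson->Id);

	// Secure only when this request used HTTPS, so a plain-HTTP deployment still gets its cookie back.
	$blnSecure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';

	// An empty domain means "current host only", the same as the null passed before.
	setcookie('strTicket', $strTicket, time() + 60 * 60 * 24 * 365, '/', '', $blnSecure, true);
}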
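/**
 * Stores a form state in the database table self::$strTableName and returns its page id.
 *
 * The state is optionally compressed, encrypted and Base64-encoded first. On an Ajax request that
 * posts a page id, the matching row is updated in place. Otherwise a new row is inserted under a
 * new page id of the form "<session id>_<md5 hex>".
 *
 * @static
 *
 * @param mixed $strFormState form state to store
 * @param mixed $blnBackButtonFlag not read by this method
 *
 * @return string the page id the state was stored under
 * @throws Exception when Base64 encoding of a non-empty state fails
 */
public static function Save($strFormState, $blnBackButtonFlag) {
	$objDatabase = QApplication::$Database[self::$intDbIndex];
	$intOriginalLength = strlen($strFormState);

	// compress (if available)
	if (function_exists('gzcompress') && self::$blnCompress) {
		$strFormState = gzcompress($strFormState, 9);
	}

	if (defined('__DB_BACKED_FORM_STATE_HANDLER_ENCRYPTION_KEY__')) {
		try {
			$crypt = new QCryptography(__DB_BACKED_FORM_STATE_HANDLER_ENCRYPTION_KEY__, false, null, __DB_BACKED_FORM_STATE_HANDLER_HASH_KEY__);
			$strFormState = $crypt->Encrypt($strFormState);
		} catch (Exception $e) {
			// NOTE(review): this fails open. If the cipher cannot be set up or Encrypt() throws,
			// the state is stored unencrypted and nothing reports it. Kept as is so existing
			// installs keep working; at minimum the failure should be logged.
		}
	}

	if (self::$blnBase64) {
		$encoded = base64_encode($strFormState);
		if ($strFormState && !$encoded) {
			// The message used to contain the whole form state. Exception messages commonly reach
			// logs and error pages, so only the size is reported.
			throw new Exception('Base64 Encoding Failed on form state of ' . $intOriginalLength . ' bytes');
		} else {
			$strFormState = $encoded;
		}
	}

	if (!empty($_POST['Qform__FormState']) && QApplication::$RequestMode == QRequestMode::Ajax) {
		// update the current form state if possible
		// NOTE(review): the page id comes straight from the request and the UPDATE matches on
		// page_id alone. It is escaped through SqlVariable(), but the row is not tied to the
		// current session_id() -- consider adding that condition.
		$strPageId = $_POST['Qform__FormState'];
		$strQuery = ' UPDATE ' . $objDatabase->EscapeIdentifier(self::$strTableName) .
			' SET ' . $objDatabase->EscapeIdentifier('save_time') . ' = ' . $objDatabase->SqlVariable(time()) . ', ' .
			$objDatabase->EscapeIdentifier('state_data') . ' = ' . $objDatabase->SqlVariable($strFormState) .
			' WHERE ' . $objDatabase->EscapeIdentifier('page_id') . ' = ' . $objDatabase->SqlVariable($strPageId);
		$objDatabase->NonQuery($strQuery);
		if ($objDatabase->AffectedRows > 0) {
			return $strPageId; // successfully updated the current record. No need to create a new one.
		}
	}

	// First see if we need to perform garbage collection
	// On average one call in intGarbageCollectOnHitCount triggers it.
	if (self::$intGarbageCollectOnHitCount > 0 && rand(1, self::$intGarbageCollectOnHitCount) == 1) {
		self::GarbageCollect();
	}

	// Figure Out Session Id (if applicable)
	$strSessionId = session_id();

	// Calculate a new unique Page Id
	// md5(microtime()) is a hash of the clock. It makes the id unique, not unpredictable.
	$strPageId = md5(microtime());

	// Figure Out Page ID to be saved onto the database
	$strPageId = sprintf('%s_%s', $strSessionId, $strPageId);

	// Save THIS formstate to the database
	$strQuery = ' INSERT INTO ' . $objDatabase->EscapeIdentifier(self::$strTableName) . ' ( ' .
		$objDatabase->EscapeIdentifier('page_id') . ', ' .
		$objDatabase->EscapeIdentifier('session_id') . ', ' .
		$objDatabase->EscapeIdentifier('save_time') . ', ' .
		$objDatabase->EscapeIdentifier('state_data') .
		' ) VALUES ( ' .
		$objDatabase->SqlVariable($strPageId) . ', ' .
		$objDatabase->SqlVariable($strSessionId) . ', ' .
		$objDatabase->SqlVariable(time()) . ', ' .
		$objDatabase->SqlVariable($strFormState) .
		' )';
	$objDatabase->NonQuery($strQuery);

	// Return the Page Id, unencrypted.
	// NOTE(review): the only hard-to-guess part of the id is the session-id prefix. If page ids
	// must be unguessable on their own, a CSPRNG such as random_bytes() (PHP 7+) is the usual source.
	return $strPageId;
}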
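/**
 * Write data to the session
 *
 * Empty data destroys the session row instead. Otherwise the data is optionally compressed,
 * encrypted and Base64-encoded, then inserted or updated in self::$strTableName under the key
 * "<self::$strSessionName>.<id>".
 *
 * @param string $id The session ID
 * @param string $strSessionData Data to be written to the Session whose ID was supplied
 *
 * @return bool always true
 * @throws Exception when Base64 encoding of non-empty data fails
 */
public static function SessionWrite($id, $strSessionData) {
	if (empty($strSessionData)) {
		static::SessionDestroy($id);
		return true;
	}

	$strEncoded = $strSessionData;
	if (self::$blnCompress) {
		$strEncoded = gzcompress($strSessionData);
	}

	if (defined('DB_BACKED_SESSION_HANDLER_ENCRYPTION_KEY')) {
		try {
			// The fourth argument is named as a hash key; presumably it keys an integrity check
			// on the ciphertext -- confirm in QCryptography.
			$crypt = new QCryptography(DB_BACKED_SESSION_HANDLER_ENCRYPTION_KEY, false, null, DB_BACKED_SESSION_HANDLER_HASH_KEY);
			$strEncoded = $crypt->Encrypt($strEncoded);
		} catch (Exception $e) {
			// NOTE(review): this fails open. If the cipher cannot be set up or Encrypt() throws,
			// the session is stored unencrypted and nothing reports it. Kept as is so existing
			// installs keep working; at minimum the failure should be logged.
		}
	}

	if (self::$blnBase64) {
		$encoded = base64_encode($strEncoded);
		if ($strEncoded && !$encoded) {
			// The message used to contain the raw session data. Exception messages commonly reach
			// logs and error pages, so only the size is reported.
			throw new Exception('Base64 Encoding Failed on session data of ' . strlen($strSessionData) . ' bytes');
		} else {
			$strEncoded = $encoded;
		}
	}

	// Development-time invariant only; assert() may be disabled in production.
	assert(!empty($strEncoded));

	$id = self::$strSessionName . '.' . $id;
	$objDatabase = QApplication::$Database[self::$intDbIndex];
	$objDatabase->InsertOrUpdate(
		self::$strTableName,
		array(
			'data' => $strEncoded,
			'last_access_time' => time(),
			'id' => $id
		),
		'id'
	);
	return true;
}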